Automated system-level malware detection using machine learning: A comprehensive review /

Abstract

Malware poses a significant threat to computer systems and networks. This necessitates the development of effective detection mechanisms. Detection mechanisms dependent on signatures for attack detection perform poorly due to high false negatives. This limitation is attributed to the inability to detect zero-day attacks, polymorphic malware, increasing signature base, and detection speed. To achieve rapid detection, automated system-level malware detection using machine learning approaches, leveraging the power of artificial intelligence to identify and mitigate malware attacks, has emerged as a promising solution. This comprehensive review aims to provides a detailed analysis of the status quo in malware detection by exploring the fundamentals of machine learning techniques for malware detection. The review is largely based on the PRISMA approach for article search methods and selection from four databases. Keywords were identified together with inclusion and exclusion criteria. The review seeks feature extraction and selection methods that enhance the accuracy and precision of detection algorithms. Evaluation metrics and common datasets were used to assess the performance of the system-level malware detection techniques. A comparative analysis of different machine learning approaches, emphasizing their strengths, weaknesses, and performance in detecting system-level malware is presented together with the limitations of the detection techniques. The paper concludes with future research opportunities, particularly in applying artificial intelligence, and provides a resource for researchers and cybersecurity professionals seeking to understand and advance automated system-level malware detection using machine learning.